New Member

CTO

Regrading OpenSSL - this highly depends on how this scanner checked the OpenSSL version. CentOS is a recompilation of RedHat EL and RedHat doesn't upgrade actual software versions when they release OS updates but they backport security / stability patches to the application version which was originally released with initial OS release. This way they don't have to run lengthy and expensive QA tests and can release security updates rather quickly. You can see if you have any pending OS / OS application updates by running the following command inside your VPS:

yum check-update

As for pop3 server - honestly I don't believe current version of courier-imap which is shipped by cPanel is vulnerable to such an old buffer overflow bug.